I am not one to jump on any bandwagon or get excited over anything unless I have good reason. I don’t generally get too excited about browsers. I have found them frustrating, to say the least. In the beginning of the last decade, Google Chrome came onto the scene in spectacular fashion. It was light, … Continue reading Microsoft Edge Browser on openSUSE Linux →

Dear Tumbleweed users and hackers,

Week 44 brought, among many other things, an upgrade to Kernel 5.9.1. The feedback I had seen so far was good, so people can still do their work.

In total, Tumbleweed has released 5 snapshots (1023, 1024, 1025, 1026, and 1028) during this week. The most noteworthy changes include:

• Freetype 2.10.4
• sssd 2.4.0
• Ghostscript 9.59.3 (there is again a patch lever in the version number; some scripts/apps trip over this)
• Mozilla Firefox 82.0
• Mozilla Thunderbird 78.4.0
• Cups 2.3.3
• Linux kernel 5.9.1
• GStreamer 1.18.0
• Ruby 2.6 has been completely eliminated
• nasm 2.15.05
• PostgreSQL 13
• jsoncpp 1.9.4

Looking back at the stuff being integrated, that was indeed a big part of that list. Currently, we build these major changes in our staging projects (ar are aware of the changes upcoming soon)

• KDE Plasma 5.20.2
• Perl 5.32.0
• GLibc will be configured with CET enabled (Intel Control-flow Enforcement Technology)
• LLVM 11
• RPM 4.16
• Ruby 3.0 (final release is scheduled for the end of December)
• GNOME 3.38.1: awaiting sec review for malcontent (parental control feature)
• openssl 3.0 (long-term; no progress in the last few weeks)

Another development sprint ended for the YaST Team this week. This time we have fewer news than usual about new features in YaST… and the reason for that may surprise you. Turns out a significant part of the YaST Team has been studying the internals of Cockpit in an attempt to use our systems management knowledge to help to improve the Cockpit support for (open)SUSE.

But that doesn’t mean we have fully stopped the development of YaST and other parts of the installation process. Apart from working in several not yet finished improvements that will be presented in our next blog post, we have:

• Started to add unit tests to the ancient Perl libraries that generate the system image used to run the installer.
• Added a new emergency mechanism to ignore errors found while analyzing storage devices.
• Extended linuxrc with the ability of sending DHCP requests in RFC2132 format.

While doing all that and fixing several bugs, we also found time to prepare and deliver our presentation in the openSUSE + LibreOffice Virtual Conference, with the self-explanatory title of “Top 25 New Features in (Auto)YaST”. We are not fully sure whether a recording of the talk will be uploaded by the organizers at some point, but we will keep you informed if that happens.

That’s all folks! See you again in (hopefully less than) two weeks.

The past week has been pretty productive for openSUSE Tumbleweed as five major version updates landed in the rolling release.

Five snapshots have so far been released since the last Tumbleweed article.

One of the two major version updates in the latest 20201026 snapshot was a Mozilla Firefox 82.0 update; the new version resolved seven Common Vulnerabilities and Exposures and improved performance with restoring sessions and page loads. Mozilla Thunderbird also had an update to version 78.4.0, which added some mail extension Application Programming Interfaces. The printing update to cups 2.3.3 added a workaround for the scheduler’s systemd support and fixed a warning options support for GNU Compiler Collection 9. A daylight saving time fix for glib2 2.66.2 changed the default format. The 5.9.1 Linux Kernel arrived in the snapshot and fixed a kernel panic bsc#1177973. MariaDB updated to version 10.5.6 from 10.4.14, which implemented new features and made all binaries previously beginning with mysql to begin with mariadb or with symlinks for the corresponding mysql command. The other major version update was to perl-URI 5.05 from version 1.76; the change was made to bump all versions to 5.05 in order to remove various version mismatches, according to the changelog. The snapshot is trending moderately at an 83 rating on the Tumbleweed snapshot reviewer.

Only two Python packages arrived in snapshot 20201025, which is trending at a 96. A major version update of python-hyperlink 20.0.1, which provide pure-Python implementations of immutable URLs, fixed several bugs related to hidden states; this made all data on a URL object (including rooted and uses_netloc) reflective by and consistent with its textual representation. The update of python-numpy 1.19.2 increased the required memory to avoid test failures and openQA found an issue (boo#1176832) and upgraded older distro versions, which did not package f2py using update-alternatives.

Two more major version updates arrived in snapshot 20201024 and postgresql 13 was one of them. Significant improvements in postgresql 13 include indexing and a lookup system that benefit large databases; this helps with space savings and performance gains for indexes as well as faster response times for queries that use aggregates or partitions. A list of improvements can be found in the project’s news release. The other major version update was to the utility manager ndctl 70.1, which added firmware activation support. A few Advanced Linux Sound Architecture packages updated to version 1.2.4, which lists some configuration changes along with a few new hotplugs for AICA (Dreamcast) Firmware and AudioScience ASIHPI Firmware. Debugging tools in the xfsprogs 5.9.0 package fixed the potential unterminated string problem for libhandle. The snapshot is trending at a 90.

The two previous snapshot, 20201023 and 20201022, both have a 99 rating.

The 20201023 snapshot updated freetype2 2.10.4 that fixed a heap buffer overflow introduced in version 2.6. Ghostscript interpreter 9.53.3 provided some fixes for a few crashes and introduced a patch that took care of an unexpected side effect, which prevented multithreaded rendering and background rendering from working correctly. The transport protocol v2 has become the default again with git 2.29.0 and system daemon sssd 2.4.0 allows session recording to exclude specific users or groups when scope is set to all.

KDE’s Plasma 5.20.1 arrived in snapshot 20201022; the release had bugfix for KWin, Bluedevil and Breeze. One of the Plasma Desktop changes fixed the sizing of the media controls. The 7.73.0 of the data transfer tool curl had a lengthy amount of updates to an addition of an add –output-dir.

The openSUSE community is inviting package maintainers, contributors, open source developers and Leap 15.3 stakeholders to join the openSUSE community for a kickoff of Leap 15.3.

The kickoff session starts Nov. 4 at 16:30 UTC on https://meet.opensuse.org/LeapKickoff.

The session will start with a short pre-recorded video updating attendees about the status of Jump 15.2.1, explaining what to expect from the Leap 15.3 release and presenting a roadmap forward for the release.

“Let me share with you the next steps with Closing The Leap Gap and openSUSE Leap and what I’ve agreed upon today with openSUSE Board members,” wrote release manager Lubos Kocman in an email for developers on the Factory mailing list. “ I believe we have no issues with meeting Alpha/Beta criteria for Leap 15.3, unlike criteria used for Go/noGo for 15.2.1. We should have an initial setup done by the 4th of November to meet the roadmap.

“I want to close one chapter so the openSUSE Release team can focus on the upcoming Leap release,” he wrote.

The kickoff is meant to be an informative session followed by a friendly chat/social over a virtual coffee, tea or beer (BYOCTB).

BASH has been good to me and I have enjoyed my time with BASH very much. I have learned so much about the inner workings of Linux through the terminal and BASH has been there my whole experience. “Tab” completion has been a marvelous gift to the terminal user experience. I have never had a … Continue reading FISH | Friendly Interactive SHell on openSUSE →

Some important changes are afoot in librsvg.

Changes to continuous integration

Some days ago, Dunja Lalic rewrote the continuous integration scripts to be much faster. A complete pipeline used to take about 90 minutes to run, now it takes about 15 minutes on average.

The description of changes is interesting. The idea is to make tests fail as fast as possible, close to the beginning of the pipeline. To speed up the whole pipeline, Dunja did the following:

• Move the cargo check stage to the beginning. This test means, "does this even have a chance of compiling?".

• Have the code style and formatting tests, cargo clippy and cargo fmt, run in parallel with the unit tests. These lints can fail, but they are easy to fix after one is finished modifying the main code.

• Run the unit tests and the smoke tests in debug mode, so they compile quickly.

• Run the complete integration test suite in release mode. This takes longer to compile, but there are some slow tests that benefit a lot from faster execution.

• Move the release tests until the end, and only run them once a week — or whenever, by hand. These take a good amount of time to run, because they do a full make distcheck and autotools is slow. Even then, now these tests take 30-40 minutes, instead of the 90 from before.

• Between each stage of the pipeline, don't cache what doesn't help reduce compilation time. It seems that keeping around a big cache, with the whole build target, between each pipeline stage can be worse than not having one at all.

Test suite in Rust

Beteen Sven Neumann, Dunja Lalic, and myself we have finally ported the test suite to Rust: all of librsvg's tests are now in Rust, except for the C API tests. We had to do a few things:

• Review the old tests and remove some obsolete ones.

• Port each of the test modules to Rust. They are small, but each one has special little things — test for crashes in the XML loading code, test for crashes during rendering, test the library's security limits.

• Fix the small tests that come as part of the documentation.

• Untangle the reference tests and port them to Rust.

• Move little chunks of code around so the unit tests and integration tests can share utilities to compare images, compute file paths for test fixtures, etc.

The most complicated thing to port was the reference tests. These are the most important ones; each test loads an SVG document, renders it, and compares the result to a reference PNG image. There are some complications in the tests; they have to create a special configuration for Fontconfig and Pango, so as to have reproducible font rendering. The pango-rs bindings do not cover this part of Pango, so we had to do some things by hand.

Anyway, the tests are now in Rust. One nice thing is that now the tests run automatically in parallel, across all CPU cores, so we save on total testing time.

What's next: cargo-c and publish to crates.io

We want to be able to publish librsvg in crates.io as a normal crate; this implies being able to compile, test, and publish entirely from Cargo. The compilation and testing part is done.

Now, we have to reorganize the code so it can be published to crates.io. Librsvg comes in three parts, rsvg_internals with the implementation of the library, librsvg with the traditional C API, and librsvg_crate with the Rust API. However, to publish the Rust API to crates.io, it would be more convenient to have a single crate instead of one with the internals and one with the API.

The next step is thus to reorganize the code:

• Make it possible to implement the C API as a compile-time option on top of the normal Rust code. We want to use cargo-c to compile the traditional shared library librsvg.so, instead of depending on C tools for compiling and linking.

• Combine rsvg_internals and librsvg_crate in a single crate, to publish them together. Crates.io has a 10 MB limit per crate; now that the test suite lives in a separate tests crate, this shouldn't be a problem.

• I would like to polish the public error types before publishing the Rust API; right now they expose some implementation details that are of no interest to callers of the library.

What remains to be ported to Rust?

Only two things, which amount to less than 900 lines of C code:

• rsvg-convert - the command-line program that everyone uses to convert SVG to PNG and other formats. Fortunately, Sven Neumann wrote some fantastic tests for rsvg-convert, as it is like an API that we need to keep stable: if we change the command-line options or the program's behavior, we would break everyone's scripts.

• The gdk-pixbuf module for loading SVG. Alberto Ruiz has started porting it to Rust. The generic part of this code could later serve to wrap other Rust image codecs and plug them to gdk-pixbuf.

I did a presentation during the virtual Hacktoberfest Mauritius on Friday night, 23 October 2020. I had the freedom to choose a topic. So, I decided to talk about setting up Flatpak on openSUSE.

What is Flatpak?

Flatpak is a system for building, distributing, and running sandboxed desktop applications. It was developed in 2015 by Alex Larsson and is currently maintained by an independent community of developers. It is written in C and its source code is available on GitHub.

Installation process is straightforward using zypper.

zypper in flatpak

The flatpak utility can then be used at the command line to add a repository. In our case, we are going to add the flathub repository.

flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo

We specify the option remote-add to indicate that we wish to add a repository, --if-not-exists to execute the command only if the repo does not exist on the system already, then followed by a name for the repo. We named the repo flathub but we could have called it something else as well, e.g myfavoriterepo. Lastly, we specify the url of the repository.

Next, we check whether the repo has been added.

ish@coffee-bar:~> flatpak remotes
Name    Options
flathub system

We can now start searching and installing apps from the flathub repo.

ish@coffee-bar:~> flatpak search postman
Name             Description                                                 Application ID                  Version          Branch         Remotes
Postman          Postman is a complete API development environment.          com.getpostman.Postman          7.31.0           stable         flathub

We install the application by specifying the Application ID.

flatpak install com.getpostman.Postman

The necessary icons and application shorcuts will be created as the installation completes. Therefore, launching the application from the desktop will follow the usual steps.

However, if you wish to run the application from the command line, e.g Postman, you cannot do so by simply typing postman at the terminal prompt. It should be run as follows:

flatpak run com.getpostman.Postman

Sandbox

With Flatpak, each application is built and run in an isolated environment. By default, the application can only 'see' itself and its runtime. Access to user files, network, graphics sockets, subsystems on the bus and devices have to be explicitly granted.

Under the hood

Flatpak uses a number of pre-existing technologies. It generally isn’t necessary to be familiar with these in order to use Flatpak, although in some cases it might be useful. They include:

• The bubblewrap utility from Project Atomic, which lets unprivileged users set up and run containers, using kernel features such as:
  - Cgroups
  - Namespaces
  - Bind mounts
  - Seccomp rules
• systemd to set up cgroups for sandboxes
• The OSTree system for versioning and distributing filesystem trees

Saamiyah pinged me a few days ago about the Hacktoberfest event that she was organising and asked whether I would be free to present a topic. Sure, why not?

As many tech meetups at the moment, the Hacktoberfest event also was virtual. It was hosted on the Jitsi instance of the Mauritius Software Craftsmanship Community. The event was scheduled to start at 19h30 on Friday, i.e last evening. I was late to join but "luckily" so was everybody.

Local hacktoberfest is live 😊 #mauritius pic.twitter.com/qFoNmFDn78

— Saamiyah 🇲🇺 (@smearthelove) October 23, 2020

As the event started, we had some small-talk before the presentations really kick-off. We talked about flexi-time, work-from-(home|anywhere), and how they compare to being full-time in office.

Saamiyah did the first presentation in which she talked about the concept of Hacktoberfest, a month where open source software is celebrated. Sandeep spoke about local open source projects on GitHub.

I spoke about Flatpak and how to set it up on openSUSE. I concluded my presentation with an observation on the rise of Flatpak fuelled by the idea of having immutable & maintenance-free systems such as Fedora Silverblue and openSUSE MicroOS Desktop.

The presentation slides are available at speakerdeck.com.

The next speaker, Alan, spoke about Docker Swarm, followed by Pritvi who talked about software licenses. It was 22h00 by that time and I could not stay longer. I bid goodnight on the chat room and wished everyone to continue having fun!

21st Noodling of jam packed excitement… not really. This is the 21st hot-pocket-sized podcast that won’t scorch roof of your mouth. I have a small collection of vintage or near vintage gaming consoles. I lean mostly in the Nintendo party as I think they have a great grasp on what is fun. I don’t always … Continue reading Noodlings 21 | Inspiration Is Around You →